When a user agent accesses a web server, the server can provide an optional header - accept-encoding header - which can specify the types of compression that the client supports. The server can then use one of the listed compression algorithms to compress the data that is returned to the client. Examples of the accept-encoding header include:
- Accept-Encoding: gzip
- Accept-Encoding: deflate, gzip;q=1.0, *;q=0.5
Because the Alert Logic® web application firewall (WAF) sits between clients and the back end servers, it must be explicitly configured to pass this header to the back end servers. The default configuration is that the header is not passed to the back end.
The following article describes how to change the default configuration so that the WAF can pass the accept-encoding header to the back end server.
Note: The following information applies only to customers with Alert Logic® Cloud Defender™ or Alert Logic Web Security Manager™ entitlements.
Solution
- In the Alert Logic console, under the Configuration main menu tab, click WAF in the sub-menu.
- Click Websites in the left sidebar.
- Click Manage Website to the right of the website that you want to enable the header for.
- Under ADC, click Load balancing.
- Under Insert request headers, check the box to Enable insert request headers.
- Under Header, insert "Accept-Encoding". Under Value, insert "http_accept_encoding".
- Click Add New and then Save settings.
Once you have saved these changes, the WAF will pass the accept-encoding header to the backend server.
For full details of the accept-encoding HTTP header, refer to the Hypertext Transfer Protocol document.
Comments
0 comments
Please sign in to leave a comment.